According to a written statement Friday from public information officer Becky Ryan, a ransomware attack Sept. 17 encrypted several servers, putting several county departments out of commission. Officials are working to restore all systems, and all county offices were open and serving the public as of Friday, the statement said.
The only systems that are still down are those for email and for driver's licenses, which is not managed by the county.
County administrator Chad Kinsley said in the statement that the resolution after representatives negotiated with the hackers was "extraordinary."
"The ransom was reduced by more than 90 percent from hackers' original demand, an almost unheard-of outcome, every saved dollar of which is taxpayer revenue the county keeps to serve our citizens," he said in the statement.
Kinsley was not available for comment Friday, and other county officials directed The Mercury to Ryan for comment.
Ryan said she was at a conference and could only answer questions by email. She said the county decided not to give the ransom amount at this time because it is an ongoing investigation. She said the county's insurance carrier paid most of the ransom, and the county covered the rest.
The statement said the county didn't share many details about the attack initially to protect it from further attacks and to avoid compromising the investigation.
The IT team, including expert advisors, has now installed additional sensors on all servers to detect and prevent further attacks and is completing its forensic analysis of how the hackers gained access.
County officials back up systems daily, and they are using available backup files to begin rebuilding functionality, Ryan said.
The 150 county desktop and laptop computers must be individually imaged for forensics, wiped clean and reloaded with software.
The process can take up to eight hours per computer.
©2021 The Manhattan Mercury, Distributed by Tribune Content Agency, LLC.
